[00:01] New bug: #407379 in bind9 (main) "After an update the vpnc is not able to pick up dns information" [Undecided,Invalid] https://launchpad.net/bugs/407379 === funkyHat is now known as funkyCat === funkyCat is now known as funkyHat === lamont` is now known as lamont [02:49] just trying to find the best option here for failover...i have one server currently and a 2nd server that i am setting up now to do a failover... [02:49] i was planning to rysnc the directories and replicate mysql [02:50] is that the best option... [02:50] this is for my website and sql server [02:50] i was going to replicate /var/www [02:50] sorry rsync [03:05] hello [03:24] shadow98, that sounds like a good plan to me [04:13] awesome [04:21] New bug: #393792 in lighttpd (main) "lighttpd reload executes restart (bad on logrotate!)" [Medium,Fix released] https://launchpad.net/bugs/393792 [05:29] Okay, so if X has a problem finding the 'fixed' font, what package would I need to reinstall to fix it? [05:33] One that's not related to Ubuntu Server [05:41] hi guys i am having problems compiling a drivers for my 56k modem on my server and here what I am getting http://pastebin.com/pastebin.php?dl=m76fb116d [05:42] Do people actually still use modems? o.O [05:43] FAXes are still fairly common in the business world, so yes, they do use modems for FAX transmission and reception. [05:44] that is correct jmarsden [05:44] The more pertinent question here is why one would build a FAX server and use an unsupported internal modem rather than one known to work with the appropriate FAX server software... [05:45] Okay.. So, I have a gigabit switch and gigabit NIC, but my switch is showing only 100mbit connection, not 1000mbit. Is there something I need to be doing to get it to go up to 1000? [05:45] How far apart are they? [05:45] The computer and the switch? [05:45] jmarsden: its on a research that I am doing on and please I wanted to know how to build a fax server on linux [05:46] ScottK: About... 2 inches.. Cable's a 6 inch. [05:46] TimReichhart: Step one is choose appropriate hardware :) I'll take a look, but... [05:46] Err, well, not 6 inch, but like, 2 foot. [05:46] OK. so much for that idea [05:46] And it's cat5e :) [05:47] jmarsden: but what [05:48] TimReichhart: But you make life difficult when you choose to ignore that step! I have built multiport FAX servers for clients... see http://www.hylafax.org/content/Hardware_Compatibility_List [05:49] jmarsden: yes I do have a external modem but I dont have a null cable for it so that is why I am trying to get this intel/internal card to work and I know the modem is working bc I can hear a dial tone and I can call out but I just cant get it to send out any faxes..... [05:50] Are you sure the driver for it supports FAXing? What Class is is supposed to handle? 2.0 ? [05:51] from what I was told this driver is supported for faxing and I dont know what classs its handling on [05:53] So... ask it... use minicom or whatever terminal emulatir you are using for debugging and try the AT+FCLASS=2.0 command, etc... what have you tried exactly? [05:54] I havent really tried anything except for trying to get this driver to work [05:54] Define "work"? You got it to give you dial tone and dial out... how did you do that? What did you use to make the outgoing calls? [05:55] I dont remember how I got the modem to make a outgoing call [05:55] modem to make it to work to make the outgoing call* [05:56] A research you are doing... but you made no notes as you did the research? Lesson #1: Take good notes. [05:56] Looks like the thing you are trying to compile is a kernel module, is that correct? [05:57] that is what I have been told to do [05:57] but when I tried to search for the modem there isnt anything showing for the modem [05:57] Been told? This is a research project, you should be the one deciding what to do. Following what other people tell you do to is not research. Do you have the kernel sources installed? [05:58] how do I know if I got the kernal sources installed? [05:58] Because you installed them as part of your work on this research project? :) [05:59] i dont think I installed them but how can I make sure I got them installed [06:00] Same way you tell if you have any other package installed... dpkg -l PACKAGENAME -- in this case the PACKAGENAME is probably linux-generic [06:01] Hmmmm [06:02] see I tried the linux-generic it was telling me to re-install the server part of it when I did the updates [06:02] Be specific... you used what command and got what exact error message back from it? [06:03] when I did the sudo apt-get update [06:03] I dont have the linux-generic anymore I got the server part of re-installed [06:03] Bleh. Still no 1gbit. [06:04] TimReichhart: So try installing linux-generic now and then try compiling your kernel module again. [06:09] If i wanted to add a subdomain pointing at a url in bind wouldn't that be a server alias [06:09] or i mean an alias record [06:15] Okay, so it's an on-board 3c940 10/100/1000 NIC that's not going 1000 mbit mode.. On another system, I have it with a nForce 2 10/100/1000 and Linksys 10/100/1000, the Linksys will go 1000 no problem, but neither on-board 1000-capable NIC is going 1000. [06:30] artillerytx: DNS records can only point to an IP address, not to a URL. [06:30] so i would create a new virtual host [06:30] with that subdomain [06:31] Sure, you could do that. [06:31] and then point the dns record to the same ip [06:31] Yes. [06:31] does this work for you http://invoice.longhornpcrepair.com [06:31] Doesn't look like it [06:31] Nope, that is not in the DNS here. [06:31] alright oh well no big deal [06:31] i will figure it out later [06:37] psi-jack, it is possible that your cable is too short [06:37] the specification requires 3' minimum length [06:39] shorter ones usually work but not always [06:42] qman__: Oh no, it's not too short. [06:44] The Linksys 10/100/1000 connected to my switch at 1000, but neither the nForce2 or 3c940 on-board NIC's of two computers will do it at 1000. [06:44] nforce 2? [06:44] The Linksys one is PCI card. [06:44] qman__: Yeah. [06:44] those aren't gigabit [06:44] so there's your problem [06:44] Yes, actually, it is. [06:45] nforce 4 is gigabit [06:45] Hey, the mobo manual says the NIC is 10/100/1000, so I'm trusting the manufacturer here. ;) [06:45] must be a pretty unusual setup then [06:46] nforce 2 is pretty old, before gigabit was common or cheap enough for most people [06:46] The new NVIDIA nForce2 Gigabit MCP delivers industry-leading Gigabit Ethernet performance/ [06:47] Not uncommon at all, nVidia even says it. [06:48] And the nforce2 was well after gigabit was out. [06:48] But the 3c940 is also having the same problem, it won't go 1000mbit. [06:49] if the cable is tested good, then that's pretty strange [06:49] So far, the only one I've managed to actually go 1000mbit, is the bloody Linksys off-board one. [06:49] psi-jack: Trying a longer and different cable would be worth it at this point, IMO. [06:49] Yep. Same cable that went to the nforce2 that wouldn't go 1000, is hooked into the linksys, and connecting at 1000 [06:50] jmarsden: I tried that too. [06:50] Maybe the Linksys is more tolerant of the too-short out of spec cable than the others? [06:50] OK. [06:50] that type of thing is generally handled by the NIC itself, with hooks for the drivers to interfere if needed [06:50] I switched out cables for brand new freshly made cables. heh [06:51] Which were over 3 feet, right? [06:51] Correct. [06:51] if the switch is behaving correctly, and the cables are working, the next logical step is hardware failure, but two NICs at the same time is unlikely [06:51] Seems odd indeed. Can you test with a different switch at some point? [06:52] Yeah. Both the on-board NIC's won't do 1000, but are capable of it. [06:52] what happens if you connect the NICs to each other? [06:52] jmarsden: Only have the one gigabit switch. [06:52] Borrow one from a friend, move PC to friends house, etc etc... ? [06:52] jmarsden: Heh, I literally just bought the switch from a friend. :p [06:53] gigabit is automagic, so you can connect anything to anything [06:54] while connecting two NICs in one machine to each other isn't very practical, it should at least get you a gigabit link light [06:54] qman__: That's a negative. [06:54] Gigabit did not go. [06:54] do they link at 100, or not at all [06:55] 100, yes. 1000, no. [06:55] And both nic's I see are using the sk98lin driver for them. [06:56] so far that's the only thing in common [06:57] one way to verify would be, if they have lights for gigabit, to reboot the machine and see if they go gigabit before the OS loads [06:57] though that'd be very inconvenient and somewhat inconclusive [06:58] Boot from a *BSD LiveCD and see if its drivers do any better?? [06:58] qman__: I believe when I first booted back up my system it was 1000, initially. [06:58] jmarsden: That's also a thought. I'll prolly try that. ;) [06:59] Once my backups finish. [06:59] that wou;d confirm it as being the driver [06:59] funny how that works [06:59] the driver removes functionality [07:00] Heh. [07:00] Well, both these systems are the last two still actually running opensuse, but that's very soon to be changing to ubuntu-server and ubuntu-desktop within the next few hours, hence the backup. ;) [07:02] Hmm, now, the 3c940 apparently can use the skge driver as well? the sk98lin was actually in the modules.d blacklist. heh [07:19] !img3 [07:19] Sorry, I don't know anything about img3 [07:20] drurew: See http://theiphonewiki.com/wiki/index.php?title=IMG3_File_Format [07:21] heh, im looking at already... [07:21] tx tho [07:22] No problem :) [07:30] does anyone know of any "succesful" attempts at iphonelinux ? [07:30] * drurew waits for a bunch of trouts to fly his way [07:32] let me rephrase...*successfully documented (including all sources) attempts [07:34] Unless Ubuntu server was ported to it, that's off topic here... maybe ask at irc://irc.osx86.hu/iphonelinux instead? [07:38] yeah your probly right...just the only way to install it is with ubuntu 8.10....so [07:38] k [07:38] laterz [08:57] is it sensible to configure dovecot/postfix to use passwords which are different from the system passwords, particularly for users with root access? [09:04] jtxx0001: Could be, yes. Especially if there is also a webmail, which those users use from wherever. [09:07] andol: would the best way to go about this be to use dovecot's authentication with a passwd file? [09:09] jtxx0001: No idea what the best way is for your needs. The easiest is probably to simply to configure dovecot to use another auth source, and have postfix auth by using dovecot. [09:10] jtxx0001: Then of course, there is always PAM. [09:11] jtxx0001: By the way, this is really not my expertiece. I know enough to figure out what I need to do myself, but not really to give other people (good) advice. [09:12] andol: i'll look into PAM, but i think i've managed to get it working now. thanks for the help! [09:28] Hi [09:28] I'm trying to configure a DNS and DHCP server [09:28] DHCP is working [09:28] DNS seems to be working [09:28] but I cannot access anything from outside this lan [09:29] I can't even ping my gateway, but I can ping and resolve any other machines in the lan [12:01] New bug: #413985 in dhcp3 (main) "dhcp3-server fails to install on ubuntu 9.04" [Undecided,New] https://launchpad.net/bugs/413985 [12:27] Hi all, got a question about post fix. I have a simple email server setup, and can send and recive. I have setup masquerading_domain, with this I am able to send to outside email addresses, relaying through my isp. When the email arrives it showes name@server.mydomain.com, would I need to setup aliases to show it as name@mydomain.com. [12:56] hello folks, i have an issue with a soft raid 5 array, ext4 .. userspace application get's cut from data read on the storage, this last for less than a sec, then goes again [12:56] if someone could help on how to dig this out,i would appreciate it === |sunny| is now known as dzzz [13:25] New bug: #412501 in php5 (main) "php5 crashed with SIGSEGV in _Unwind_ForcedUnwind()" [Medium,New] https://launchpad.net/bugs/412501 === Nightlurs is now known as Nightlurker [14:02] New bug: #403599 in php5 (main) "Installing PHP5 performs a reload to apache instead of a restart" [Low,Confirmed] https://launchpad.net/bugs/403599 === ^grim76^ is now known as Grim76 [14:22] hmm this chan is as good as dead [14:22] no, idle is not dead. [14:22] Maleko: it's a Saturday morning in the US ... clearly most people won't be around [14:23] oh.. [14:23] and brunch/ early dinner in Sweden [14:24] weve just had dinner here and are now slowly approaching saturday's midnight in next couple of hours [14:25] btw any idea how i could start X through ssh? [14:25] Maleko: x [14:25] xorg isn't supported in #ubuntu-server [14:25] X11-forwarding is a good suggestion. [14:26] giovani: nah, but perhaps settings in sshd.conf server-side is? :) [14:26] i have some apps on my ubuntu server that need to run under wine but its being picky and refuse to launch without window manager. so i then installed both wine and window manager on the os [14:27] now i need to start the X.. tried startx but that doesnt work [14:27] ewook: not when they relate to running xorg on the server [14:28] giovani: I get your point. [14:28] Maleko: what applications are you referring to? [14:29] gameserver daemon apps that run in windows cmd prompt mode [14:30] Maleko: sound like applications suited for windows then [14:35] maybe but they should be able to run fine under wine with X support on the os [14:36] Maleko: except that wine and x aren't appropriate on a server setup unless you really know what you're doing [14:50] Maleko: maybe you need to get a windows server [14:59] Boohbah: shame on you and your foul language [15:50] New bug: #414017 in samba (main) "Reloading /etc/samba/smb.conf smbd only" [Undecided,New] https://launchpad.net/bugs/414017 [17:01] New bug: #414109 in samba (main) "package samba 2:3.3.2-1ubuntu3.1 failed to install/upgrade: il sottoprocesso post-installation script ha restituito un codice di errore 127" [Undecided,New] https://launchpad.net/bugs/414109 [17:09] Hi - I have a question. Trying to set up my first email sever (emix/dovecot). I can connect to the IMAP no worries, and test emails genereted at the server get delievered to my client fine, but I'm not reciving email from external addresses. Any ideas? [17:14] (and obviously by emix I mean exim 8o\ ) [17:25] OK, update, so I can "telnet localhost 25" but can't telnet remotely - connection refused. How do I change this? [17:33] BlueFaceMonster: Sounds like a Firewall/Port Forwarding issue. Also could be an ISP block on port 25 if you are doing this on residential Internet access. [17:34] Hi, Grim76__. Not residential, but firewall/forwarding sounds about right. Is there a default firewall for ubuntu-server? I thought it might be AppArmor but that's not installed. [17:36] BlueFaceMonster: I don't recall there being one by default on the last installation that I did. There might be a firewall at the perimeter of your network that needs to be configured to point traffic to the server. [17:36] Noted, will look into it. Thank you!# [17:37] BlueFaceMonster: Really quick. Can you telnet to port 25 from another machine on the same network? [17:37] Not sure how to check that, it a hostes VPS [17:39] BlueFaceMonster: OK. I know some VPS providers have a firewall that you can self configure. Also you might try an sudo iptables -L to see if there are any rules in place based on their build. [17:42] To be honest, Grim76__, I've got no idea what I'm looking at. Could you check it for me if you have a chance? http://www.pastie.org/585055 [17:44] BlueFaceMonster: Before digging into iptables rules, are you sure exim is listening on the external IP address as well as on localhost? Try netstat -ntl | grep :25 to find out [17:44] tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN [17:45] It's not! [17:45] So configure it to do so and life will be better :) [17:45] you make it sound so easy! :) [17:45] You know what's coming next, don't you... [17:45] Thanks jmarsden...Forgot to check for that. [17:46] ...how do I do that then? [17:46] You;ve never configured exim in your life and have no idea how... right? [17:46] Genius [17:46] Wait a sec... I use postfix more than exim these days... let me check... [17:46] Thank you! [17:47] * BlueFaceMonster is slowly getting used to being a newb [17:47] BlueFaceMonster: We all have to learn sometime. [17:49] I only recently discovered ubuntu IRC, and so far I've configured a webserver, made a Python/Pylons webpage from scratch and now this... all in a week. It's great! Hopefully get to "pay it forward" someday and help other [17:51] BlueFaceMonster: Let's try sudo dpkg-reconfigure exim4-config [17:51] BlueFaceMonster: Look at your configuration and look for dc_local_interfaces according to what I am reading that is where you specify what interfaces to listen. [17:52] Grim76__: Probably better to use the "friendly" config tools rather than manual file editing, don't you think? [17:53] _{It depends who you ask :-)
[17:53] _{hehe
[17:53] Good point.
[17:54] nah, I'm an expert at "sudo nano /etc/foo.conf" now
[17:54] BlueFaceMonster: Follow jmarsden and ignore me on that one. I am used to editing the config files directly.
[17:54] sub: It depends who you are and your level of experience, IMO. I'd hack it, but I've been doing Unix system and network admin for 15+ years...
[17:54] I'm happy with that, just can find exim.conf! Friendly tools it is...
[17:55] * can't
[17:55] Hmmm. When you installed exim what did you do regarding configuring it? Didn't you get the debconf dialogs about it then?
[17:56] _{jmarsden: Yes, very true, I agree. I've been doing *nix admin for about 5 total (though I have been using Linux for 10!)
[17:57] _{BlueFaceMonster: The friendly config tool is can be launched via: sudo dpkg-reconfigure exim4-config
[17:57] _{s/is//
[17:57] I did, jmarsden, but I just forgot to add the external IP address. I have now, it was very easy and I am composing a suitable test email to myself... fingers crossed...
[17:57] _{Ah sorry, misunderstood :)
[17:58] Good. Looks like all is well, I'll go eat my breakfast... have fun with exim :)
[17:58] Does anyone here run ubuntu server with mysql installed?
[17:59] Tadaa! Worked like a charm! My thanKs to you all!
[18:00] BlueFaceMonster: re firewall in Ubuntu> the default firewall tool is 'ufw'. It is not enabled be default. see 'man ufw' and https://wiki.ubuntu.com/UbuntuFirewall for details
[18:01] will do, thanks.
[18:01] ivantis: Ask you real question and find out who can help answer it...
[18:02] BlueFaceMonster: Out of curiosity where did you get your VPS?
[18:02] tagadab.com - can't fault them, service so far has been impeccible and cheap and chips, too
[18:02] BlueFaceMonster: Ok thanks for the information.
=== JanC_ is now known as JanC
[19:35] hey guys i have purchased a Dedicated Server - first time with multiple IP's i have a IP range - 72.232.190.90 to 72.232.190.94 - but when i try to ssh into it using lets say 72.232.190.91 - i never am connecting, do i need to activate these IPs somewhere before i can use them ? if so how ?
[19:36] i am connecting fine using *.*.*.90
[19:36] but not connecting at all using *.*.*.91-94
[19:37] vecy: Do you have interfaces (or interface aliases) that actually are set to those IP addresses? If not, your sever will not respond to traffic send to those IPs.
[19:38] i honestly dont know, i am logged in as root and i have not set anything besides installed LAMP (apache ..)
[19:38] Do you *need* to use the other IPs for something in particular? If so, what?
[19:38] when i type 'ifconfig' i see only the *.90 set
[19:38] Then you are only listening on .90
[19:39] well i want to setup my Apache for 5 websites if ip: 72.232.190.91 go to /home/user1/www if 72.232.190.92 go to /home/user2/www ... and perhaps some other stuff just incase
[19:39] do you know the commands how to set those ips up ?
[19:40] vecy: Do you know how to do virtualhosts? It's similar
[19:41] ohh true vhosts i totally forgot about them, yes i can use those and bind to domain name even better... :)
[19:41] thar you go :)
[19:42] vecy: if you decide you do need the other IPs, man interfaces and also less /usr/share/doc/ifupdown/examples/network-interfaces.gz will probably get you on your way to configuring interface aliases for the other addresses.
[19:45] thx :) reading on it now.. seems simple lets try rebooting now for changes to take affect.. a reboot is required right ?
[19:46] No, just restart networking or probably just ifup the newly defined interface aliases
[19:46] But I'd only add them if you need to use them; otherwise, keep it simple.
[19:49] ah i rebooted before ive seen your msg and its been 5minutes
[19:49] server still not up hmm could it get stuck anywhere ?
[19:49] That's a long reboot... well, it could if you broke things and misconfigured the network interfaces...
[19:50] Maybe you need to see whether your provider offers you remote console access of some kind?
[19:51] well the /etc/.../interfaces file had if i recall eth0 auto... then eth0 ... static my ip .. subnet.. gateway
[19:51] and i just copy pasted that from eth0 static .. 3 times changed ip only
[19:51] That's unlikely to work, you need separate interface aliases for each IP, I *think*... like eth0:0, eth0:1 ... which were in the examples.
[19:52] iface eth0 inet static; address 192.168.1.5; netmask 255.255.255.0; gateway 192.168.1.254
[19:52] Get yourself remote console access and see what is going on.
[19:52] it had this line
[19:52] i just copy pasted and changed ip
[19:52] thats just an example ok
[19:52] ill give them a call to see if they can give me remote console access
[19:52] _{try the last IP you configured
[19:53] _{because jmarsden is correct about the interface aliases
[19:54] _{also the gateway only needs to be configured once
[19:58] im such a noob lol first try locked myself out ... waiting for support to reply
[20:00] _{You've gotta learn somehow :P
[20:01] is anyone here with LayeredTech by the way - just wondering where does one find the 'Automatic OS reloads' button which they advertise but not found within the Customer Portal
[20:22] so you guys are saying i should be doing
[20:22] iface eth0 inet static; address 192.168.1.5; netmask 255.255.255.0; gateway 192.168.1.254
[20:22] for ip #1
[20:22] iface eth1 inet static; address 192.168.1.5; netmask 255.255.255.0; gateway 192.168.1.254
[20:22] for ip #2
[20:22] ?
[20:22] and etc eth2, eth3..
[20:24] No... use eth0, eth0:0 and eth0:1 since you only have one physical network interface, eth0. eth0:X are the aliases
[20:24] I'm out of here... on my way to attend a wedding...
[20:25] cool thx
[20:44] should
[20:44] auto eth0 eth0:1 eth0:2 eth0:3
[20:44] cause any problems ?
[20:45] i added it and not again! it looks like i broke my server again, cant connect to it anymore
[21:01] vecy: you should never be editing core networking config files without an alternate means of accessing the server
[21:02] you WILL break something if you're not very careful and experienced with how the files work
[21:02] however, to answer your question, yes you can auto multiple interfaces on one line, that's fine
[21:02] you probably had a typo elsewhere in the config
[21:03] When should I chroot?
[21:03] when you have a need for it ...
[21:03] when the process is self-contained within a specific directory structure, or can be easily adapted to
[21:04] for security is useful?
[21:04] it can be
[21:04] I want to run a ventrilo server
[21:04] I dont know if doing that is necesary
[21:04] necessary? definitely not
[21:05] but its a lot secure or its the same :(
[21:06] doing that what Im preventing?
[21:06] there's no way for me to give you a simple answer
[21:06] the security advantages are, if the ventrilo software is compromised, they only have access to files that were placed in the chroot
[21:07] and they won't be able to access other files on your server, unless there's a bug or vulnerability in the kernel
[21:07] but if the attacker gain root?
[21:07] oh
[21:07] well it's unlikely that they'd gain root through a chrooted server
[21:07] They shouldn't, if Ventrilo isn't running as root, and if there are no root escalation vulnerabilities in your kernel.
[21:07] however, if someone gains root on a server ... it's game over
[21:07] and there are many levels of chroot, because I saw you can chroot ftp
[21:08] there are not many "levels" of chroot
[21:08] chroot is a concept, it's either in use or not
[21:08] chrooting users to their home directory is a common step where users on a system aren't trusted
[21:08] (the ftp server is an example of where that might be used)
[21:09] for every user I must creat an enviroment?
[21:09] if you wanted to chroot your users, yes
[21:09] but that's separate from chrooting a particular server binary
[21:10] and what is the bad about it?,
[21:11] wasting hd space
[21:11] chrooting is a pain to set up, it sometimes required a lot of work, and if you don't do it properly, you'll spend hours troubleshooting missing binaries, etc
[21:11] s/required/requires/
[21:11] I tried and I failed
[21:11] my point exactly
[21:12] I wonder which files are required to create the environment
[21:12] ldd, and google usually help with that
[21:12] I can remove all thats unnecesary
[21:15] I got a guide
[21:15] but not for ubuntu
[21:15] very little (if any) of this is ubuntu-specific
[21:15] so that's not a problem
[21:16] hey guys i am changing the motd.. are there any variable aliases i can use like Hello %username% welcome! << example ?
[21:16] i havent touched linux much so unsure
[21:16] vecy: /etc/motd is a static file
[21:17] /etc/issue on the other hand allows text substitution along the lines of what you'd like
[21:18] to my knowedge, you can't print the username though -- you could write a wrapper script to handle this
[21:21] ok one more thing lets say i have a program i want to start it everytime i reboot automatically
[21:21] how do i do such thing ?
[21:21] its web server.. but i need to run it manually all the time (xampp)
[21:22] what is xampp?
[21:22] its a combination of apache,mysql,ftp... all in one
[21:22] most server applications installed in ubuntu-server are automatically placed in /etc/rcX.d/ so that they start on bootup
[21:22] but i need to type ./lampp everytime to run it
[21:22] that doesn't sound like something built properly for ubuntu
[21:23] I'd recommend installing packages from ubuntu which will work well together, and properly integrate into the system
[21:23] root@arctica:/opt/chrooted/ventrilo# su ventrilo
[21:23] root@arctica:/opt/chrooted/ventrilo#
[21:23] why I cant su :(
[21:23] HellMind: "su - ventrilo"
[21:24] its the same
[21:24] it returns #
[21:24] then you didn't set up the user properly
[21:24] it says I must set it /bin/false
[21:24] the shell
[21:24] if you set the shell to /bin/false ... then you can't log in as the user like you're trying to
[21:25] you can do one or the other, but not both
[21:25] but I can run the server right
[21:25] yes ...
[21:25] but su is going to start the shell
[21:25] which you've disabled
[21:25] so clearly it won't work
[21:26] su -s /bin/sh - ventrilo
[21:26] That will log in as the ventrilo user. Not sure why you'd want to, but there you go.
[21:26] uh
[21:26] let's not provide workarounds like that
[21:26] that serves no purpose
[21:26] It's not a "workaround".
[21:27] If you need to test something as a user with a false shell, that's how you do it.
[21:27] it absolutely is -- either the user has a shell or not
[21:27] giovani he is a pro
[21:27] infinity you rock
[21:28] i dont understand, if I can do that
[21:28] you shouldn't be doing that
[21:28] and I see am not chrooted,
[21:28] that's the point
[21:28] how can I see the chrooted environment
[21:28] How can I see it working
[21:28] i asked this question on another linux channel without response.. lets try here
[21:28] hi guys is there a way to make aliases to commands .. lets say i have /opt/lampp/lampp (a webserver) can i make a global alias so i could just type startwebserver and it would automatically go to /opt/lampp/lampp
[21:29] vecy: yep, you're probably looking to set bash aliases
[21:29] this can be done in the .bashrc file in each user's home directory
[21:30] nice
[21:30] How do I know my user is being chrooted
[21:31] Users aren't chrooted, processes are.
[21:31] thats why I asked the lvl of chroot,
[21:32] if I execute the sever using your tip, the process will be chrooted?
[21:32] Is /opt/chrooted/ventrilo a chroot containing what will be run?
[21:32] yes
[21:32] If so, "chroot /opt/chrooted/ventrilo" would get you "in that environment".
[21:33] but how should I start the process to chroot it then ?
[21:33] But, you probably want a nice init script or something that will start your vent server in the chroot.
[21:33] "chroot /opt/chrooted/ventrilo" will spawn the shell chrooted
[21:33] i got a .c script but it doesnt do chroot
[21:33] vecy: if you want to make aliases for every user on the system, best to place them in /etc/profile
[21:34] it only does setgid( and setgroups(
[21:37] So I should chroot lets say in the /etc/init.d script?
[21:38] Assuming the application doesn't chroot itself (and I'm pretty sure vent doesn't/can't), then doing it in the init script is the cleanest place, yeah.
[21:39] With a nice init script, you can also do some clever things like make sure the chroot is always fresh (copy over libc6, etc) before you start your application.
[21:39] I tend to do sketchy things like mount a tmpfs, copy the libraries that my application depends on, copy in the application itself, then start it. Then you get a nice, fresh chroot every time you restart.
[21:40] (Which means that package updates will stay in sync with the chroot)
[21:40] if you do a sym link for that
[21:40] you are unchrooting?
[21:41] You can't symlink out of a chroot..
[21:41] thats right :D
[21:42] so all the symlink on the chroot will be unavailable
[21:42] if you chroot?
[21:42] it will show broken link
[21:42] or something?
[21:42] Well, if they're absolute symlinks using full filesystem paths, yeah.
[21:42] Any symlinks that are internally consistent IN the chroot would be fine.
[21:43] nice
[21:43] A symlink is literally just a text string. There's nothing fancy about it.
[21:43] So, if "foo" points to "/unf/whatever", if the latter exists in the chroot, the symlink works.
[21:43] If not, it doesn't.
[21:44] The file doesn't need to exist when you create the symlink, just when you want to resolve it. :P
[21:46] what happen if you do a cycling linking
[21:46] like a => b => c => a
[21:46] Don't? :)
[21:46] dont know?
[21:46] Depends on your application.
[21:47] It won't hurt the system in any way. They're just files on the disk.
[21:47] But an application reading "a" could get itself caught in an infinite loop if it's written by people unprepared for such siliness.
[21:49] but isnt about the app, is about the filesystem, the app doesnt resolve a symlink -_-
[21:50] The filesystem just hands back a pointer to the real inode.
[21:50] Which libc then hands off to the application as the new file handle.
[21:51] If the application then opens that, finds another symlink, and loops... And doesn't notice it's in a loop.
[21:51] *shrug*
[21:51] It's somewhat academic. The answer is "don't do that, then".
[22:19] _{ln -s a b; ln -s b a; cat a gives me "cat: a: Too many levels of symbolic links
[22:19] _{:-)
[23:15] Hey gais - http://my.brandeis.edu/bboard/q-and-a-fetch-msg?msg_id=0000Dn << how does that translate into ubuntu land?
[23:16] I want ot tweak my /proc/sys/fs/file-max, inode-max (didn't find this one!) and perhaps something on ulimit
[23:16] I am getting Too many files open exception
[23:17] r3rman_: it has nothing to do with ubuntu
[23:17] r3rman_: those are linux kernel settings ... feel free to modify them in ubuntu, it's no different than elsewhere
[23:17] giovani, I don't see the inode-max on my install tho'
[23:18] however, those posts are from years ago
[23:18] yeah :s
[23:19] r3rman_: those are from 2.2
[23:19] long ago, things have changed heavily in 2.6
[23:19] adjust file-max instead
[23:20] aaah, pkill -9 actually works, whereas killall -p 9 fails and stops when it matches one process you don't own
[23:20] giovani, where is file-max?
[23:20] ... same place as you thought inode-max was
[23:20] w00t
[23:20] googling clearly identifies all of this
[23:20] you should know that these settings don't stay after a reboot
[23:21] yeah, so I'll emacs that file, set it high, like 65535, and I can put a init.d to reconf it though right? or just even ~.bashrc ? (or ~/.profile?) - does it take effect immediately though?
[23:21] you can either place the settings in /etc/sysctl.conf, or in /etc/sysctl.d/ -- read the README in that dir
[23:22] thanks
[23:22] r3rman_: no no no
[23:22] r3rman_: sysctls don't belong in any of the places you mentioned
[23:22] Err.
[23:22] r3rman_: If you're getting "too many open files", it's probably not a kernel setting you're after, but a session limit.
[23:22] r3rman_: See /etc/security/limits.conf
[23:23] aah, right, I bumped into that one before I fell asleep earlier, cheers infinity
[23:23] (See ulimit(1))
[23:23] Default for open files is 1024.
[23:24] infinity, you think 65535 is the max?
[23:24] hey guys random question, if i get the 'host key verification failed' error when trying to connect to a server, what am i doing wrong (this is before i even get a chance to enter a password/username)
[23:24] r3rman_: I think that if you have a process using 65535 open handles, you have a very broken application.
[23:24] infinity, or a very awesome one
[23:25] r3rman_: Raising ulimits is usuall a troubleshooting step, not a fix. :P
[23:25] it isn't broke, it is just slamming two 8 cores like bitches, and ripping up lots of files, across two machines with 200Tb of storage. and doing crazy stuff. I've finally written something to organise my porn
[23:26] Not seeing how 8 threads translates to 65 thousand open handles at once, but sure.
[23:27] You'll be heavily I/O limited if you don't serialise that a bit.
[23:27] infinity, yeah, you are right, I was thinking to dump it all into a berkley db, maybe I will
[23:28] but, I have zillions of threads raeping the nets and when they complete they touch a file and impregnate it with awesome
[23:29] that front end is well tuned, and gets the highest throughput right nao, but as I cranked it up past 11 it didn't like it
[23:29] * soft nofile 65535 < infinity do I need to restart session now?
[23:30] r3rman_: Logging out and logging in should be enough to make it happy.
[23:30] (Or whatever starts a new session for your process... su, sudo, etc)
[23:30] r3rman_: You can verify you got it right with "ulimit -a" and check the values.
[23:31] open files is still 1024
[23:31] aah need to log in / out
[23:31] I could also run run a ulimit command to set it in memory now?
[23:31] r3rman_: Yeah. Limits are set by PAM, so you need a fresh session.
[23:31] oh ok... I am accessing via vnc... perhaps I can logoff and on graphically... who knows, never tried
[23:32] r3rman_: ulimit will only let you change user limits up to the hard limit, since root controls those.
[23:32] r3rman_: But that would be lost on the next session start, hence why setting the default(s) for the user(s) makes a bit more sense.
[23:33] ok. I've fusked my vnc now, I loaded gnome-session to see if I could logout that way, but that brough about the asdf abfh bug
[23:33] lol
[23:37] ulimit -n still gives 1024.... reshoe tiem
[23:48] New bug: #414232 in munin (universe) "munin-node tries to "autoconf" /usr/share/munin/plugins/postgres_space_" [Undecided,New] https://launchpad.net/bugs/414232
[23:49] By the way, if someone feels like confirming that one
[23:49] ...feel free to do so :)
[23:52] Okay.. Since my on-board NIC's capable of doing Gigabit isn't working as I'd hoped they would...
[23:52] I'm looking for options of PCI-based NIC's that can do it and are well supported by Linux.
[23:52] Intel and or Netgear brands would be preferred.
[23:58] Anyone with suggestions of hardware and model numbers?
[23:58] any of the intel pro stuff is good
[23:58] not cheap though
[23:59] I don't mind spending about $100/card
[23:59] As long as they're worth it.}}}}}}}}}}}}